CN109803255A - Mobile data information secure communication system and method for a digital workshop - Google Patents
- Publication number
- CN109803255A CN201811552958.6A
- Authority
- CN
- China
- Prior art keywords
- data information
- mobile data
- information processing
- processing terminal
- terminal
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
An embodiment of the present invention provides a mobile data information secure communication system and method for a digital workshop. The system includes a center management module and mobile data information processing terminals, wherein: the center management module manages the device accounts and key certificates of the mobile data information processing terminals and verifies the security of the mobile data information processing terminals, so that the mobile data information processing terminals can communicate securely with one another; each mobile data information processing terminal collects and processes data information of the digital workshop and sends the collected data information to the center management module or to other mobile data information processing terminals. In the embodiment, the center management module encrypts the mobile data information processing terminals and verifies the encrypted device information, so that when information is transmitted the confidentiality of the data information is improved and the wireless communication process is more secure and reliable.
Description
Technical field
Embodiments of the present invention relate to the field of wireless communication technology, and in particular to a mobile data information secure communication system and method for a digital workshop.
Background
Quality data acquisition in traditional machining workshops still mostly relies on inspection with conventional gauges, with data statistics produced by manual recording and calculation. This approach has low precision, a high error rate and low collection efficiency, and the data information is hard to preserve and to trace back for later use. With the development and application of new information technologies such as networking, the Internet of Things and sensors at the workshop information collection level, digital workshops have appeared, making the data information produced during workshop operation more comprehensive and diverse.
In a digital workshop, a mobile data information processing terminal is a portable data processing terminal that has data storage and computing capability (generally meaning that it has an operating system), has a human-machine interface, specifically display and input functions, and carries its own battery so that it can work on battery power. Because of advantages such as low cost, high mobility, portability, ease of use and timeliness, mobile data information processing terminals are widely used in digital workshops. However, owing to the mobility and flexibility of the mobile data information processing terminal and the particular nature of the message transmission process, its security problems are becoming more and more prominent. The main manifestation is that it is highly susceptible to communication interference or to use by criminals, which threatens the security of communication between mobile data information processing terminals.
Therefore, a mobile data information secure communication system and method for a digital workshop is now needed to solve the above problems.
Summary of the invention
In view of the problems in the prior art, embodiments of the present invention provide a mobile data information secure communication system and method for a digital workshop.
In a first aspect, an embodiment of the present invention provides a mobile data information secure communication system and method for a digital workshop, including a center management module and mobile data information processing terminals, wherein:
The center management module is configured to manage the device accounts and key certificates of the mobile data information processing terminals and to verify the security of the mobile data information processing terminals, so that the mobile data information processing terminals can communicate securely with one another;
The mobile data information processing terminal is configured to collect and process data information of the digital workshop, and to send the collected data information to the center management module or to other mobile data information processing terminals.
In a second aspect, an embodiment of the present invention provides a mobile data information secure communication method based on the mobile data information secure communication system for a digital workshop described in the first aspect, including:
Obtaining a communication request sent by a first mobile data information processing terminal to a second mobile data information processing terminal, the communication request carrying the communication code and the first public key certificate of the first mobile data information processing terminal;
Verifying the communication code and the first public key certificate and, if the verification passes, sending the verification result to the second mobile data information processing terminal, so that the first mobile data information processing terminal obtains the second public key certificate of the second mobile data information processing terminal;
Obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate; if the verification passes, the first mobile data information processing terminal and the second mobile data information processing terminal establish a secure communication connection.
In a third aspect, an embodiment of the present invention provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the method provided in the second aspect when executing the program.
In a fourth aspect, an embodiment of the present invention provides a non-transitory computer-readable storage medium storing a computer program, where the steps of the method provided in the second aspect are implemented when the computer program is executed by a processor.
In the mobile data information secure communication system and method for a digital workshop provided by the embodiments of the present invention, the center management module encrypts the mobile data information processing terminals and verifies the encrypted device information, which ensures the security of communication between mobile data information processing terminals. When mobile data information processing terminals in the digital workshop transmit information, the confidentiality of the data information is improved and the wireless communication process is more secure and reliable.
Brief description of the drawings
To explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show some embodiments of the present invention, and those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic structural diagram of the mobile data information secure communication system for a digital workshop provided by an embodiment of the present invention;
Fig. 2 is a schematic flowchart of the mobile data information secure communication method for a digital workshop provided by an embodiment of the present invention;
Fig. 3 is a schematic diagram of the mobile data information verification process provided by an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of the electronic device provided by an embodiment of the present invention.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.
The wireless local area network protocol defines the physical layer and media access control (Media Access Control, MAC) rules for wireless local area network applications, and is the basis on which information can be transmitted correctly, reliably and effectively between mobile data information processing terminals; the protocol includes definitions for information, management, control and the physical layer. During data information transmission, the mobile data information processing terminals no longer use cables as the main transmission medium but share and transmit data information by electromagnetic waves. For a wireless local area network (Wireless Local Area Network, WLAN), the security problems in the communication system fall mainly into two areas. On the one hand, unauthorized-access security problems mostly affect wireless network users who have set weak access protection on their wireless network or no protection at all: an unauthorized network terminal can easily break into such a relatively open wireless network with attack tools. The intrusion of an unauthorized terminal not only takes up network traffic but also affects network speed to some extent and lowers network utilization, and some unauthorized terminals may even modify network settings, causing losses to the user. On the other hand, message confidentiality is low: when a message is transmitted in plaintext and is intercepted in transit, the transmitted information can be read, causing information leakage and more serious consequences.
In the current daily operation of digital workshops, there is not yet a complete communication system for the communication connections between mobile data information processing terminals. When a mobile data information processing terminal is used to communicate with other mobile data information processing terminals in the workshop, the material warehouse or the finished product warehouse, information may be intercepted, leading to information leakage or malicious use and bringing huge losses to the enterprise.
Fig. 1 is a schematic structural diagram of the mobile data information secure communication system for a digital workshop provided by an embodiment of the present invention. As shown in Fig. 1, an embodiment of the present invention provides a mobile data information secure communication system for a digital workshop, including a center management module 101 and mobile data information processing terminals 102, wherein:
The center management module 101 is configured to manage the device accounts and key certificates of the mobile data information processing terminals 102 and to verify the security of the mobile data information processing terminals 102, so that the mobile data information processing terminals 102 can communicate securely with one another;
The mobile data information processing terminal 102 is configured to collect and process data information of the digital workshop, and to send the collected data information to the center management module 101 or to other mobile data information processing terminals 102.
In this embodiment, the center management module 101 performs master control and key distribution management and verifies the device information and data information of each mobile data information processing terminal 102 in the system, so as to ensure secure communication between the mobile data information processing terminals 102. The center management module 101 holds a public/private key pair, namely the system public key and the system private key. The security information of each mobile data information processing terminal 102 is signed with the system private key, and the center management module 101 sends a digital certificate to the corresponding mobile data information processing terminal, where the digital certificate includes: the registration information of the mobile data information processing terminal, the system public key, the terminal secret key, and the public key certificate (public key and digital signature). In this embodiment, the center management module 101 is mainly responsible for terminal account management and records, management and distribution of key certificates, security verification of terminal identity, verification of terminal communication security, and real-time monitoring for communication anomalies. In addition, the center management module 101 is responsible for registration, login, verification and related issue handling for the mobile data information processing terminals 102, so that the terminal information of each mobile data information processing terminal 102 is registered in the system and the center management module 101 performs security verification on each mobile data information processing terminal 102 before it communicates.
Further, before being used, each mobile data information processing terminal 102 needs to register with the network through the center management module 101 and obtain a unique and independent device code and master key. In this embodiment, first, the mobile data information processing terminal 102 sends a registration application to the center management module 101; the center management module 101 generates a unique device code for the mobile data information processing terminal 102 according to the registration request, stores the device code in the device code table of the center management module 101, and returns the device code to the mobile data information processing terminal 102. Then, the mobile data information processing terminal 102 encrypts the device code with the system public key of the center management module 101 and sends it to the center management module 101. The center management module 101 decrypts the encrypted device code with the system private key and compares the decrypted device code with the device code saved earlier. If the account information of the two is consistent, the center management module 101 generates the corresponding digital certificate and sends it to the mobile data information processing terminal 102 to complete network registration. If the account information of the two is inconsistent, registration is stopped and corresponding security measures are taken to prevent information leakage or malicious use.
In this embodiment, when a mobile data information processing terminal 102 is to communicate, it first sends two encrypted device codes to the center management module 101. One is obtained by encrypting the device code with the system public key of the center management module 101; the other is obtained by encrypting the device code with the private key of the mobile data information processing terminal 102. After receiving the two encrypted device codes, the center management module 101 first uses the system private key to decrypt the device code encrypted with the system public key, obtaining the decrypted first device code. It then looks up the terminal secret key corresponding to the first device code in the device code table, decrypts the other encrypted device code with that terminal secret key to obtain the decrypted second device code, and judges whether the second device code is consistent with the corresponding device code in the device code table. If the device codes are consistent, login verification of the mobile data information processing terminal 102 succeeds, and the center management module 101 generates a communication code for the mobile data information processing terminal 102 to use in communicating securely with other mobile data information processing terminals. If the device codes are inconsistent, login verification fails and the mobile data information processing terminal 102 is prohibited from establishing a communication connection.
In the embodiment of the present invention, the center management module 101 encrypts the mobile data information processing terminals and verifies the encrypted device information, which ensures the security of communication between mobile data information processing terminals. When mobile data information processing terminals in the digital workshop transmit information, the confidentiality of the data information is improved and the wireless communication process is more secure and reliable.
On the basis of the above embodiments, the center management module 101 is further configured to perform device identity registration for the mobile data information processing terminal 102, so as to perform security verification on login requests from the mobile data information processing terminal 102.
Fig. 2 is a schematic flowchart of the mobile data information secure communication method for a digital workshop provided by an embodiment of the present invention. As shown in Fig. 2, an embodiment of the present invention provides a mobile data information secure communication method based on the above mobile data information secure communication system for a digital workshop, including:
Step 201, obtaining a communication request sent by a first mobile data information processing terminal to a second mobile data information processing terminal, the communication request carrying the communication code and the first public key certificate of the first mobile data information processing terminal;
Step 202, verifying the communication code and the first public key certificate and, if the verification passes, sending the verification result to the second mobile data information processing terminal, so that the first mobile data information processing terminal obtains the second public key certificate of the second mobile data information processing terminal;
Step 203, obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate; if the verification passes, the first mobile data information processing terminal and the second mobile data information processing terminal establish a secure communication connection.
In this embodiment, first, in step 201, the communication request sent by the first mobile data information processing terminal to the second mobile data information processing terminal is obtained. After receiving the communication request from the first mobile data information processing terminal, the second mobile data information processing terminal sends the communication code and the first public key certificate of the first mobile data information processing terminal carried in the communication request to the center management module. Then, in step 202, the communication code and the first public key certificate are verified; if the verification passes, the verification result is sent to the second mobile data information processing terminal, so that the first mobile data information processing terminal obtains the second public key certificate of the second mobile data information processing terminal. After the second mobile data information processing terminal receives the communication request, it first has the center management module verify whether the communication code and public key certificate of the first mobile data information processing terminal match the information recorded by the center management module. If they match, the second mobile data information processing terminal sends its own public key certificate, i.e. the second public key certificate, to the first mobile data information processing terminal; if they do not match, the center management module issues a network-wide warning and takes related security measures.
Finally, in step 203, the second public key certificate sent by the first mobile data information processing terminal is obtained, and integrity verification is performed on the second mobile data information processing terminal according to the second public key certificate; if the verification passes, the first mobile data information processing terminal and the second mobile data information processing terminal establish a secure communication connection. In this embodiment, before the first mobile data information processing terminal and the second mobile data information processing terminal communicate, the integrity of the second mobile data information processing terminal needs to be verified. According to the second public key certificate sent by the first mobile data information processing terminal, the center management module generates two identical random sequences, encrypts one of them with the terminal secret key of the second mobile data information processing terminal, and sends it to the first mobile data information processing terminal. At the same time, it sends the other, unencrypted random sequence to the second mobile data information processing terminal; after receiving the random sequence, the second mobile data information processing terminal encrypts it with its own terminal secret key and sends it to the first mobile data information processing terminal. The first mobile data information processing terminal decrypts the two encrypted random sequences separately and compares whether the two decrypted random sequences are consistent. If they are consistent, the information of the second mobile data information processing terminal is judged to be complete, and a secure communication connection is established between the two mobile data information processing terminals; if they are inconsistent, the information of the second mobile data information processing terminal is judged to be incomplete, and the center management module immediately takes security measures. Fig. 3 is a schematic diagram of the mobile data information verification process provided by an embodiment of the present invention. Referring to Fig. 3, the specific steps are as follows:
Step 301, the mobile data information processing terminal completes device information registration through the center management module and obtains the corresponding device code;
Step 302, the center management module verifies the login request sent by the mobile data information processing terminal;
Step 303, if the device code passes verification, go to step 304; if not, go to step 308;
Step 304, the center management module generates a unique communication code for the mobile data information processing terminal;
Step 305, security verification is performed according to the communication code; if it passes, go to step 306; otherwise, go to step 308;
Step 306, the integrity of the mobile data information processing terminal with which a secure communication connection is to be established is verified; if it passes, go to step 307; otherwise, go to step 308;
Step 307, the secure communication connection between the mobile data information processing terminals is established;
Step 308, security measures are taken against the mobile data information processing terminal that failed verification, and an alarm prompt is sent to the center management module.
In the embodiment of the present invention, the mobile data information processing terminals are encrypted and the encrypted device information is verified, which ensures the security of communication between mobile data information processing terminals. When mobile data information processing terminals in the digital workshop transmit information, the confidentiality of the data information is improved and the wireless communication process is more secure and reliable.
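The registration, login and integrity-verification exchanges described above can be traced end to end in a short model. The following Python is an added example, not code from the patent: it assumes that "encrypting with a private key" is an RSA private-key operation and that the center issues and keeps each terminal key pair, and it uses unpadded textbook RSA over fixed Mersenne primes only so that it runs on the standard library (all class, function and field names are hypothetical).

```python
# Added illustration, not code from the patent. ASSUMPTIONS: "encrypting with a
# private key" is an RSA private-key operation; the center issues and keeps each
# terminal key pair; all names are hypothetical. Unpadded textbook RSA over
# fixed Mersenne primes keeps this stdlib-only; it is not secure cryptography.
import hashlib
import secrets

E = 65537
M = {k: 2**k - 1 for k in (61, 89, 107, 127, 521, 607)}  # known Mersenne primes

def keypair(p, q):  # (public, private), each as (modulus, exponent)
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def rsa(key, m):  # apply one key to an integer: encrypt, decrypt, sign, recover
    return pow(m, key[1], key[0])

def digest(pub):
    return int.from_bytes(hashlib.sha256(str(pub).encode()).digest(), "big")

class Center:
    """Center management module: device code table, certificates, alarms."""
    def __init__(self):
        self.pub, self._priv = keypair(M[521], M[607])    # system key pair
        self.pending, self.table, self.alarms = set(), {}, []

    def new_device_code(self):                            # registration, part 1
        code = 2**63 + secrets.randbits(63)
        self.pending.add(code)
        return code

    def register(self, enc_code, primes):                 # registration, part 2
        code = rsa(self._priv, enc_code)
        if code not in self.pending:
            self.alarms.append("registration mismatch")
            return None
        self.pending.discard(code)
        t_pub, t_priv = keypair(*primes)
        self.table[code] = {"pub": t_pub, "priv": t_priv, "comm": None}
        return {"code": code, "system_pub": self.pub, "priv": t_priv,
                "pub_cert": (t_pub, rsa(self._priv, digest(t_pub)))}

    def login(self, enc_sys, enc_term):
        code = rsa(self._priv, enc_sys)                   # first device code
        entry = self.table.get(code)                      # key looked up in table
        if entry is None or rsa(entry["pub"], enc_term) != code:
            self.alarms.append("login failed")            # second code differs
            return None
        entry["comm"] = secrets.token_hex(8)              # communication code
        return entry["comm"]

    def check_request(self, comm, pub_cert):              # step 202
        pub, sig = pub_cert
        ok = comm is not None and rsa(self.pub, sig) == digest(pub) and any(
            e["comm"] == comm and e["pub"] == pub for e in self.table.values())
        if not ok:
            self.alarms.append("request rejected")
        return ok

    def challenge(self, pub_cert):                        # step 203
        for entry in self.table.values():
            if entry["pub"] == pub_cert[0]:
                seq = 2**63 + secrets.randbits(63)        # the random sequence
                return rsa(entry["priv"], seq), seq       # (copy for A, copy for B)
        return None

class Terminal:
    def __init__(self, center, primes):
        code = center.new_device_code()
        self.cert = center.register(rsa(center.pub, code), primes)
        self.comm = None

    def login(self, center):
        code = self.cert["code"]
        self.comm = center.login(rsa(self.cert["system_pub"], code),
                                 rsa(self.cert["priv"], code))
        return self.comm is not None

def establish(center, a, b):
    """Steps 201-203: A asks B for a connection; A compares both recovered copies."""
    if not center.check_request(a.comm, a.cert["pub_cert"]):   # B asks center
        return False
    b_pub = b.cert["pub_cert"][0]                # B sends its certificate to A
    ch = center.challenge(b.cert["pub_cert"])    # A forwards it to the center
    same = ch is not None and (
        rsa(b_pub, ch[0]) == rsa(b_pub, rsa(b.cert["priv"], ch[1])))  # B's reply
    if not same:
        center.alarms.append("integrity check failed")
    return same

def demo():
    """Constructed scenario: an honest pair, then a terminal with the wrong key."""
    center = Center()
    a, b = Terminal(center, (M[89], M[127])), Terminal(center, (M[61], M[107]))
    logged_in = a.login(center) and b.login(center)
    honest = establish(center, a, b)
    fake = Terminal(center, (M[61], M[89]))            # has its own key pair ...
    fake.cert = dict(b.cert, priv=fake.cert["priv"])   # ... but shows B's identity
    return logged_in, honest, establish(center, a, fake), fake.login(center), center.alarms

if __name__ == "__main__":
    print(demo())
```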
On the basis of the above embodiments, obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate, where if the verification passes the first mobile data information processing terminal and the second mobile data information processing terminal establish a secure communication connection, includes:
Obtaining an integrity verification random sequence, the integrity verification random sequence being obtained according to the second public key certificate;
Performing integrity verification on the second mobile data information processing terminal according to the integrity verification random sequence; if the verification passes, the first mobile data information processing terminal and the second mobile data information processing terminal establish a secure communication connection.
In this embodiment, according to the second public key certificate sent by the first mobile data information processing terminal, the center management module generates two identical random sequences, encrypts one of them with the terminal secret key of the second mobile data information processing terminal, and sends it to the first mobile data information processing terminal. At the same time, it sends the other, unencrypted random sequence to the second mobile data information processing terminal; after receiving the random sequence, the second mobile data information processing terminal encrypts it with its own terminal secret key and sends it to the first mobile data information processing terminal. The first mobile data information processing terminal decrypts the two encrypted random sequences separately and compares whether the two decrypted random sequences are consistent. If they are consistent, the information of the second mobile data information processing terminal is judged to be complete, which indicates that the information received after the communication connection is established is genuine and trustworthy, and a secure communication connection is established between the two mobile data information processing terminals. If they are inconsistent, the information of the second mobile data information processing terminal is judged to be incomplete: a criminal may be impersonating the second mobile data information processing terminal to publish false information, or the integrity of the transmitted information itself may have been destroyed. In that case the center management module immediately takes security measures and prohibits a connection from being established between the mobile data information processing terminals.
On the basis of the above embodiments, before obtaining the communication request sent by the first mobile data information processing terminal to the second mobile data information processing terminal, the method further includes:
Obtaining a registration request of a mobile data information processing terminal, generating the device code of the mobile data information processing terminal according to the registration request, and sending the device code to the mobile data information processing terminal, where the mobile data information processing terminal encrypts the device code with the public key of the center management module to obtain an encrypted device code;
Decrypting the encrypted device code with the private key of the center management module and, if it is judged from the decryption result that the mobile data information processing terminal meets the communication connection condition, generating the corresponding digital certificate and sending it to the mobile data information processing terminal, so as to register the mobile data information processing terminal.
In this embodiment, before communicating, each mobile data information processing terminal needs to register with the network through the center management module and obtain a unique and independent device code and master key. First, the mobile data information processing terminal sends a registration application to the center management module; the center management module generates a unique device code for the mobile data information processing terminal according to the registration request, stores the device code in the device code table of the center management module, and returns the device code to the mobile data information processing terminal. Then, the mobile data information processing terminal encrypts the device code with the system public key of the center management module and sends it to the center management module. The center management module decrypts the encrypted device code with the system private key and compares the decrypted device code with the device code saved earlier. If the account information of the two is consistent, the center management module generates the corresponding digital certificate and sends it to the mobile data information processing terminal to complete network registration. If the account information of the two is inconsistent, registration is stopped and corresponding security measures are taken to prevent information leakage or malicious use.
On the basis of the above embodiments, after decrypting the encrypted device code with the private key of the center management module and, if it is judged from the decryption result that the mobile data information processing terminal meets the communication connection condition, generating the corresponding digital certificate and sending it to the mobile data information processing terminal so as to register the mobile data information processing terminal, the method further includes:
Obtaining the public-key-encrypted device code and the private-key-encrypted device code of the mobile data information processing terminal, where the public-key-encrypted device code is obtained by encrypting the device code with the public key of the center management module, and the private-key-encrypted device code is obtained by encrypting the device code with the private key of the mobile data information processing terminal;
Decrypting the public-key-encrypted device code and the private-key-encrypted device code separately and, if it is judged from the decryption result that login verification of the mobile data information processing terminal succeeds, generating the communication code of the mobile data information processing terminal, for the mobile data information processing terminal to use in establishing communication connections.
In this embodiment of the present invention, when a mobile data information processing terminal wants to communicate, it first sends two encrypted device codes to the center management module: one is obtained by encrypting the device code with the system public key of the center management module, and the other is obtained by encrypting the device code with the private key of the mobile data information processing terminal. After receiving the two encrypted device codes, the center management module first decrypts the device code encrypted with the system public key, using the system private key, to obtain the first device code. It then uses the first device code to look up the corresponding terminal secret key in the device code table, decrypts the other encrypted device code with that terminal secret key to obtain the second device code, and checks whether the second device code is consistent with the corresponding device code in the device code table. If the device codes are consistent, login verification of the mobile data information processing terminal succeeds, and the center management module generates a communication code so that the terminal can communicate securely with other mobile data information processing terminals. If the device codes are inconsistent, login verification fails and the mobile data information processing terminal is forbidden from establishing a communication connection.
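The login check described above, as an added example that is not code from the patent. It uses constructed textbook-RSA keys (tiny primes, no padding) so that it runs with the standard library alone, and it assumes that "encrypting with the terminal's private key" is an RSA private-key operation and that the terminal secret key held in the device code table is the matching public key; all names and values are hypothetical.

```python
import secrets

# Constructed textbook-RSA keys (tiny primes, no padding) so the message flow can be
# followed with the standard library only; they are not usable as real keys.
SYSTEM = {"n": 61 * 53, "e": 17, "d": 2753}    # center management module key pair
TERMINAL = {"n": 89 * 97, "e": 5, "d": 5069}   # one registered terminal's key pair

DEVICE_CODE = 1234  # constructed device code; must be smaller than both moduli

# Assumption: the device code table maps each device code to the key that undoes the
# terminal's private-key operation, i.e. the terminal's public key (n, e).
DEVICE_TABLE = {DEVICE_CODE: (TERMINAL["n"], TERMINAL["e"])}


def terminal_login_request(device_code, terminal_key):
    """Terminal side: build the two encrypted device codes sent at login."""
    by_system_public = pow(device_code, SYSTEM["e"], SYSTEM["n"])
    by_terminal_private = pow(device_code, terminal_key["d"], terminal_key["n"])
    return by_system_public, by_terminal_private


def center_verify(request, table=DEVICE_TABLE):
    """Center side: return a communication code on success, None on failure."""
    by_system_public, by_terminal_private = request

    # Step 1: recover the first device code with the system private key.
    first = pow(by_system_public, SYSTEM["d"], SYSTEM["n"])

    # Step 2: look up the terminal key registered for that device code.
    entry = table.get(first)
    if entry is None:
        return None  # device code was never registered

    # Step 3: recover the second device code with the terminal key and compare.
    n, e = entry
    second = pow(by_terminal_private, e, n)
    if second != first:
        return None  # sender does not hold the private key bound to this code

    # Step 4: login verified, issue a fresh communication code.
    return secrets.token_hex(8)


if __name__ == "__main__":
    ok = center_verify(terminal_login_request(DEVICE_CODE, TERMINAL))
    print("registered terminal:", "accepted" if ok else "rejected")

    # A sender that knows the device code but has no private key: it can build the
    # first value (the system public key is public) but not a valid second value.
    first_only = pow(DEVICE_CODE, SYSTEM["e"], SYSTEM["n"])
    forged = center_verify((first_only, DEVICE_CODE))
    print("sender without private key:", "accepted" if forged else "rejected")
```

The second value is what binds the login to the registered terminal: the first value alone can be produced by anyone who learns the device code, because it only needs the system public key.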
On the basis of the above embodiments, after the second public key certificate sent by the first mobile data information processing terminal has been obtained, integrity verification has been performed on the second mobile data information processing terminal according to the second public key certificate and, verification having passed, the first mobile data information processing terminal and the second mobile data information processing terminal have established a secure communication connection, the method further includes:
performing security verification on the communication between the mobile data information processing terminals according to a solution algorithm for the Byzantine generals problem, and taking security measures against any mobile data information processing terminal that sends erroneous data information, so that the other mobile data information processing terminals can communicate securely.
In this embodiment of the present invention, once the mobile data information processing terminals have begun normal communication, any terminal that is lost or obtained by a malicious party still belongs to the secure communication network, so it is necessary to identify "turning traitor" behavior by a mobile data information processing terminal. In a distributed computer system, errors caused by partial failures must be handled: the system can ignore conflicting information issued by a small number of its members. In this embodiment, the aim is to keep the system running normally, so that even if several mobile data information processing terminals "turn traitor", the secure communication environment as a whole does not change.
In this embodiment of the present invention, a solution algorithm for the Byzantine generals problem is introduced. It is known that Byzantine fault tolerance can be achieved if and only if fewer than 1/3 of the generals are traitors; therefore, to tolerate t traitors, the total number of generals must be greater than 3t+1. Because a solution algorithm for the Byzantine generals problem has an effective solution only when the number of traitors is less than one third of the total, this embodiment is illustrated with four mobile data information processing terminals. First, a normal mobile data information processing terminal sends truthful information to all other mobile data information processing terminals, whereas a terminal that has turned traitor may send erroneous information. Suppose mobile data information processing terminal a sends information A to the other terminals in vector form, where the vector contains binary data of the length of some existing data keyword. Likewise, mobile data information processing terminal b sends vector B and mobile data information processing terminal c sends vector C, but the traitor terminal d sends three different vectors X, Y and Z to the other three mobile data information processing terminals (X, Y and Z may be correct values or may be completely wrong values). The four mobile data information processing terminals then exchange the information they have received, and the traitor terminal again sends arbitrary information. Each mobile data information processing terminal then forms a corresponding matrix, as follows:
It can thus be concluded that each matrix contains rows and columns that differ, and that the differing values come from mobile data information processing terminal d. Mobile data information processing terminal d is therefore determined to exhibit "traitor" behavior. At this point the network communication of terminal d is blocked, its geographical location is determined, and the relevant security handling is carried out.
Through a solution algorithm for the Byzantine generals problem, this embodiment of the present invention finds, among the mobile data information processing terminals, the terminal that sends erroneous information and locates the geographical position of that terminal, after which the relevant security handling is carried out. This ensures that the security of the communication system is not compromised and that the specific mobile data information processing terminal that has "turned traitor" can be found, making communication between the mobile data information processing terminals more secure and reliable.
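The four-terminal exchange described above can be simulated directly. The following Python code is an added example, not code from the patent: the labels A, B, C, X, Y and Z stand in for the binary vectors, the strict-majority vote over each matrix column is the standard rule from the Byzantine generals literature and is assumed here because the patent's matrices are not reproduced on this page, and all names are hypothetical.

```python
from collections import Counter

TERMINALS = ("a", "b", "c", "d")
# Constructed stand-ins for the binary vectors each terminal would truthfully send.
VALUES = {"a": "A", "b": "B", "c": "C", "d": "D"}


def exchange(traitor, traitor_sends):
    """Simulate both rounds; return {honest terminal: (decided vector, suspects)}.

    traitor_sends maps each receiver to the value the traitor sends it in round 1.
    Assumes one traitor among four terminals (n = 4, t = 1, the n >= 3t + 1 case).
    """
    # Round 1: direct[receiver][sender] is the value `sender` told `receiver`.
    direct = {r: {} for r in TERMINALS}
    for sender in TERMINALS:
        for receiver in TERMINALS:
            if receiver == sender:
                continue
            if sender == traitor:
                direct[receiver][sender] = traitor_sends[receiver]
            else:
                direct[receiver][sender] = VALUES[sender]

    def relayed(relayer, receiver, origin):
        """Round 2: what `relayer` tells `receiver` that `origin` sent it."""
        if relayer == traitor:
            return f"junk:{receiver}:{origin}"  # arbitrary and different every time
        return direct[relayer][origin]

    results = {}
    for p in TERMINALS:
        if p == traitor:
            continue
        decided, suspects = {p: VALUES[p]}, set()
        for origin in TERMINALS:
            if origin == p:
                continue
            # One column of p's matrix: the copy received directly from `origin`
            # plus the copies relayed by every other terminal.
            column = [direct[p][origin]]
            column += [relayed(q, p, origin)
                       for q in TERMINALS if q not in (p, origin)]
            value, votes = Counter(column).most_common(1)[0]
            if votes * 2 > len(column):
                decided[origin] = value      # strict majority: accept the value
            else:
                decided[origin] = None       # no majority: value is unknown
                suspects.add(origin)         # and the origin sent conflicting data
        results[p] = (decided, suspects)
    return results


def all_agree(results):
    """True when every honest terminal decided on the same vector."""
    vectors = [decided for decided, _ in results.values()]
    return all(v == vectors[0] for v in vectors)


if __name__ == "__main__":
    run = exchange("d", {"a": "X", "b": "Y", "c": "Z"})
    for terminal, (decided, suspects) in run.items():
        print(terminal, decided, "suspects:", sorted(suspects))
    print("honest terminals agree:", all_agree(run))
```

If the traitor's round-one values happen to produce a majority (for example X, X, Z), the honest terminals still agree on one vector but no terminal is singled out, so identifying terminal d depends on its messages being mutually inconsistent.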
Fig. 4 is a schematic structural diagram of an electronic device provided by an embodiment of the present invention. As shown in Fig. 4, the electronic device may include a processor 401, a communication interface 402, a memory 403 and a communication bus 404, where the processor 401, the communication interface 402 and the memory 403 communicate with one another over the communication bus 404. The processor 401 can call logic instructions in the memory 403 to execute the following method: obtaining a communication request sent by a first mobile data information processing terminal to a second mobile data information processing terminal, the communication request carrying the communication code and the first public key certificate of the first mobile data information processing terminal; verifying the communication code and the first public key certificate and, if verification passes, sending the verification result to the second mobile data information processing terminal so that the first mobile data information processing terminal obtains the second public key certificate of the second mobile data information processing terminal; obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate and, if verification passes, establishing a secure communication connection between the first mobile data information processing terminal and the second mobile data information processing terminal.
In addition, the logic instructions in the memory 403 may be implemented as software functional units and, when sold or used as an independent product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part of it that contributes over the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to execute all or some of the steps of the methods of the embodiments of the present invention. The storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disc.
An embodiment of the present invention discloses a computer program product. The computer program product includes a computer program stored on a non-transitory computer-readable storage medium, and the computer program includes program instructions which, when executed by a computer, enable the computer to perform the methods provided by the above method embodiments, for example: obtaining a communication request sent by a first mobile data information processing terminal to a second mobile data information processing terminal, the communication request carrying the communication code and the first public key certificate of the first mobile data information processing terminal; verifying the communication code and the first public key certificate and, if verification passes, sending the verification result to the second mobile data information processing terminal so that the first mobile data information processing terminal obtains the second public key certificate of the second mobile data information processing terminal; obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate and, if verification passes, establishing a secure communication connection between the first mobile data information processing terminal and the second mobile data information processing terminal.
An embodiment of the present invention provides a non-transitory computer-readable storage medium. The non-transitory computer-readable storage medium stores computer instructions that cause a computer to execute the mobile data information secure communication method for a digital workshop provided by the above embodiments, for example: obtaining a communication request sent by a first mobile data information processing terminal to a second mobile data information processing terminal, the communication request carrying the communication code and the first public key certificate of the first mobile data information processing terminal; verifying the communication code and the first public key certificate and, if verification passes, sending the verification result to the second mobile data information processing terminal so that the first mobile data information processing terminal obtains the second public key certificate of the second mobile data information processing terminal; obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate and, if verification passes, establishing a secure communication connection between the first mobile data information processing terminal and the second mobile data information processing terminal.
Finally, it should be noted that the above embodiments merely illustrate the technical solutions of the present invention and do not limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (9)
1. A mobile data information secure communication system for a digital workshop, characterized by comprising a center management module and mobile data information processing terminals, wherein:
the center management module is configured to manage the device accounts and key certificates of the mobile data information processing terminals and to verify the security of the mobile data information processing terminals, so that the mobile data information processing terminals can communicate securely with one another;
the mobile data information processing terminal is configured to collect and process data information of the digital workshop and to send the collected data information to the center management module or to other mobile data information processing terminals.
2. The system according to claim 1, characterized in that the center management module is further configured to perform device identity registration for the mobile data information processing terminal, so as to perform security verification on login requests of the mobile data information processing terminal.
3. A mobile data information secure communication method based on the mobile data information secure communication system for a digital workshop according to claim 1 or 2, characterized by comprising:
obtaining a communication request sent by a first mobile data information processing terminal to a second mobile data information processing terminal, the communication request carrying the communication code and the first public key certificate of the first mobile data information processing terminal;
verifying the communication code and the first public key certificate and, if verification passes, sending the verification result to the second mobile data information processing terminal so that the first mobile data information processing terminal obtains the second public key certificate of the second mobile data information processing terminal;
obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate and, if verification passes, establishing a secure communication connection between the first mobile data information processing terminal and the second mobile data information processing terminal.
4. The method according to claim 3, characterized in that obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate and, if verification passes, establishing a secure communication connection between the first mobile data information processing terminal and the second mobile data information processing terminal comprises:
obtaining an integrity verification random sequence, the integrity verification random sequence being obtained according to the second public key certificate;
performing integrity verification on the second mobile data information processing terminal according to the integrity verification random sequence and, if verification passes, establishing a secure communication connection between the first mobile data information processing terminal and the second mobile data information processing terminal.
5. The method according to claim 4, characterized in that, before obtaining the communication request sent by the first mobile data information processing terminal to the second mobile data information processing terminal, the method further comprises:
obtaining a registration request of a mobile data information processing terminal, generating a device code for the mobile data information processing terminal according to the registration request, and sending the device code to the mobile data information processing terminal, the mobile data information processing terminal encrypting the device code with the public key of the center management module to obtain an encrypted device code;
decrypting the encrypted device code with the private key of the center management module and, if it is determined from the decryption result that the mobile data information processing terminal meets the communication connection condition, generating the corresponding digital certificate and sending it to the mobile data information processing terminal so as to register the mobile data information processing terminal.
6. The method according to claim 5, characterized in that, after decrypting the encrypted device code with the private key of the center management module and, if it is determined from the decryption result that the mobile data information processing terminal meets the communication connection condition, generating the corresponding digital certificate and sending it to the mobile data information processing terminal so as to register the mobile data information processing terminal, the method further comprises:
obtaining the public-key-encrypted device code and the private-key-encrypted device code of the mobile data information processing terminal, the public-key-encrypted device code being obtained by encrypting the device code with the public key of the center management module, and the private-key-encrypted device code being obtained by encrypting the device code with the private key of the mobile data information processing terminal;
decrypting the public-key-encrypted device code and the private-key-encrypted device code respectively and, if it is determined from the decryption results that login verification of the mobile data information processing terminal has succeeded, generating a communication code for the mobile data information processing terminal so that the mobile data information processing terminal can establish a communication connection.
7. The method according to claim 6, characterized in that, after obtaining the second public key certificate sent by the first mobile data information processing terminal and performing integrity verification on the second mobile data information processing terminal according to the second public key certificate and, if verification passes, establishing a secure communication connection between the first mobile data information processing terminal and the second mobile data information processing terminal, the method further comprises:
performing security verification on the communication between the mobile data information processing terminals according to a solution algorithm for the Byzantine generals problem, and taking security measures against any mobile data information processing terminal that sends erroneous data information, so that the other mobile data information processing terminals can communicate securely.
8. An electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the program, implements the steps of the method according to any one of claims 3 to 7.
9. A non-transitory computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 3 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811552958.6A CN109803255B (en) | 2018-12-18 | 2018-12-18 | Mobile data information safety communication system and method for digital workshop |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109803255A (en) | 2019-05-24 |
CN109803255B (en) | 2022-04-08 |
Family
ID=66557139
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811552958.6A Active CN109803255B (en) | 2018-12-18 | 2018-12-18 | Mobile data information safety communication system and method for digital workshop |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109803255B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||